September 2020

Kubernetes Q3-2020: Threats, Exploits and TTPs

Sep 30, 2020 By Manoj Ahuje In Tigera

Kubernetes has become the world’s most popular container orchestration system and is taking the enterprise ecosystem by storm. At this disruptive moment it’s useful to look back and review the security threats that have evolved in this dynamic landscape. Identifying these threats and exploits and being a proactive learner may save you a lot of time and effort…as well as help you retain your reputation in the long run.

Read Post

Tigera

Read more about Kubernetes Q3-2020: Threats, Exploits and TTPs

Calico Enterprise Multi Cluster Management - Visibility and Troubleshooting

Sep 28, 2020 By Tigera In Tigera

Learn how to simplify deployment and ongoing operations for more than one cluster running Calico Enterprise.

View Video

Tigera

Read more about Calico Enterprise Multi Cluster Management - Visibility and Troubleshooting

Getting up and running with Calico on EKS

Sep 24, 2020 By Tigera In Tigera

In this session, we will go over the design considerations and available options to run Calico on EKS. After this session you’ll be able to Understand the available supported options to run Calico on EKS Understand the various design considerations of running scalable EKS clusters with Calico Learn about the value-added capabilities of Calico Enterprise on EKS

View Video

Tigera

Read more about Getting up and running with Calico on EKS

Tigera Announces Open-Source Calico for Windows and Collaboration with Microsoft

Sep 22, 2020 By John Armstrong In Tigera

Tigera is pleased to announce that we have open-sourced Calico for Windows and made it immediately available for all to use for free. With the launch of open-source Calico for Windows, the vast ecosystem of Windows users now has unprecedented access to Kubernetes via the industry’s de-facto standard for Kubernetes networking and network security.

Read Post

Tigera

Read more about Tigera Announces Open-Source Calico for Windows and Collaboration with Microsoft

Network Policy with GKE

Sep 17, 2020 By Tigera In Tigera

By default, pods are non-isolated; they accept traffic from any source. The Google GKE solution to this security concern is Network Security Policy that lets developers control network access to their services. Google GKE comes configured with Network Security Policy using Project Calico which can be used to secure your clusters. This class will describe a few use cases for network security policy and a live demo implementing each use case.

View Video

Tigera

Read more about Network Policy with GKE

How to Secure Mixed Linux/Windows Clusters with Calico Policy

Sep 16, 2020 By Tigera In Tigera

Calico is the only cross-platform CNI and Network Policy engine available today and is currently powers more than 150,000 known clusters across millions of nodes worldwide. Many organizations have .NET and windows workloads that they are or will eventually modernize and deploy to Kubernetes. We have been collaborating with Microsoft and joint customers over the past few years to bring Calico to the Windows platform.

View Video

Tigera

Read more about How to Secure Mixed Linux/Windows Clusters with Calico Policy

Announcing eBPF Mode GA

Sep 14, 2020 By Shaun Crampton In Tigera

A few days ago, our team released Calico v3.16. As part of that release, we have marked the eBPF dataplane as “GA”, signalling that it is now stable and ready for wider use by the community. In this blog post I want to take you through the process of moving from tech-preview to GA.

Read Post

Tigera

Read more about Announcing eBPF Mode GA

Kubernetes Security - Intrusion Detection and Mitigation

Sep 10, 2020 By Tigera In Tigera

By default, pods are not isolated. This means that malicious actors once inside may wander freely throughout your kubernetes cluster. During this session we’ll discuss the different attack vectors and how to mitigate. Intro to attacking kubernetes and applications Network policies, isolation and quarantining IDS and honeypots concepts

View Video

Tigera

Read more about Kubernetes Security - Intrusion Detection and Mitigation

Achieving CI Velocity at Tigera using Semaphore

Sep 10, 2020 By Vaibhav Thakur In Tigera

Tigera serves the networking and policy enforcement needs of more than 150,000 Kubernetes clusters across the globe and supports two product lines: open source Calico, and Calico Enterprise. Our development team is constantly running smoke, system, unit, and functional verification tests, as well as all our E2Es for these products. Our CI pipelines form an extremely important aspect of the overall IT infrastructure and enable us to test our products and catch bugs before release.

Read Post

Tigera

Read more about Achieving CI Velocity at Tigera using Semaphore

Self-Service Network Security for Kubernetes

Sep 8, 2020 By Tigera In Tigera

Learn how to empower your team with safe self-service network security for Kubernetes with Calico Enterprise. What are Calico Enterprise Network Policy Tiers How to use tiers to enable safe self service policy management What are Calico Enterprise Policy impact preview and staged network policies How to enable operations and developers to safely manage Kubernetes network policy How to build a workflow using these tools to safely deliver approved changes to your clusters

View Video

Tigera

Read more about Self-Service Network Security for Kubernetes

Calico and K8s Network Policies - An Overview and Comparison

Sep 4, 2020 By Tigera In Tigera

In this session, we will go over the core concepts in k8s network policies and calico network policies. Compare and contrast between the two models, and highlight when to use one versus the other.

View Video

Tigera

Read more about Calico and K8s Network Policies - An Overview and Comparison

The New Model for Network Security: Zero Trust

Sep 3, 2020 By John Armstrong In Tigera

The old security model, which followed the “trust but verify” method, is broken. That model granted excessive implicit trust that attackers abused, putting the organization at risk from malicious internal actors and allowing unauthorized outsiders wide-reaching access once inside. The new model, Zero Trust networking, presents an approach where the default posture is to deny access.

Read Post

Tigera

Read more about The New Model for Network Security: Zero Trust

Mitigating the Risks of Instance Metadata in AWS EKS

Sep 1, 2020 By John Armstrong In Tigera

Compromising a pod in a Kubernetes cluster can have disastrous consequences on resources in an AWS Elastic Kubernetes Service (EKS) account if access to the Instance Metadata service is not explicitly blocked. The Instance Metadata service is an AWS API listening on a link-local IP address. Only accessible from EC2 instances, it enables the retrieval of metadata that is used to configure or manage an instance.

Read Post

Tigera

Read more about Mitigating the Risks of Instance Metadata in AWS EKS

Operations | Monitoring | ITSM | DevOps | Cloud

September 2020

Kubernetes Q3-2020: Threats, Exploits and TTPs

Calico Enterprise Multi Cluster Management - Visibility and Troubleshooting

Getting up and running with Calico on EKS

Tigera Announces Open-Source Calico for Windows and Collaboration with Microsoft

Network Policy with GKE

How to Secure Mixed Linux/Windows Clusters with Calico Policy

Announcing eBPF Mode GA

Kubernetes Security - Intrusion Detection and Mitigation

Achieving CI Velocity at Tigera using Semaphore

Self-Service Network Security for Kubernetes

Calico and K8s Network Policies - An Overview and Comparison

The New Model for Network Security: Zero Trust

Mitigating the Risks of Instance Metadata in AWS EKS

Monthly Archive

Follow Us